diff options
author | Mike Gerwitz <mtg@gnu.org> | 2018-01-25 22:29:32 -0500 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2018-03-02 11:55:43 +0100 |
commit | e37944d8270cdca5729e3583136c4fe9d487779c (patch) | |
tree | 4763f4f0857f140d6082c4ebd4633cefb42811a9 /tests/guix-environment-container.sh | |
parent | 07ec349229eeae9f733fe92a300c7cfa4cf8e321 (diff) | |
download | guix-e37944d8270cdca5729e3583136c4fe9d487779c.tar guix-e37944d8270cdca5729e3583136c4fe9d487779c.tar.gz |
environment: Add --user.
This change allows overriding the home directory of all filesystem mappings to
help hide the identity of the calling user in a container.
* doc/guix.texi (Invoking guix environment)[--container]: Mention --user.
[--user]: Add item.
* guix/scripts/environment.scm (show-help): Add --user.
(%options): Add --user.
(launch-environment/container) Add 'user' parameter. Update doc. Override
'user-mappings' using 'override-user-mappings'. Consider override for chdir.
(mock-passwd, user-override-home, overrid-euser-dir): New procedures.
(guix-environment): Disallow --user without --container. Provide user to
'launch-environment/container'.
* tests/guix-environment.sh: Add user test.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Diffstat (limited to 'tests/guix-environment-container.sh')
-rw-r--r-- | tests/guix-environment-container.sh | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/guix-environment-container.sh b/tests/guix-environment-container.sh index df40ce03e0..a2da9a0773 100644 --- a/tests/guix-environment-container.sh +++ b/tests/guix-environment-container.sh @@ -109,6 +109,17 @@ rm $tmpdir/mounts -- guile -c "$linktest" ) +# Test that user can be mocked. +usertest='(exit (and (string=? (getenv "HOME") "/home/foognu") + (string=? (passwd:name (getpwuid 0)) "foognu") + (file-exists? "/home/foognu/umock")))' +touch "$tmpdir/umock" +HOME="$tmpdir" guix environment --bootstrap --container --user=foognu \ + --ad-hoc guile-bootstrap --pure \ + --share="$tmpdir/umock" \ + -- guile -c "$usertest" + + # Check the exit code. abnormal_exit_code=" |